Encrypt Your Data on the Fly With TrueCrypt

Updated on November 10, 2008

Have you ever wished you could lock up your most private and personal files away from prying eyes? Do you have word processor files, or financial data you need to keep, but want to lock unauthorized people out? Or maybe, like me, you have a USB thumb drive that you take to work or school and want to encrypt some or all the data stored on it.

If you can relate to any of the above, then TrueCrypt is for you!

TrueCrypt

Truecrypt allows you to Mount virtual drives on the fly.

What is TrueCrypt?

TrueCrypt is free and open-source data encryption software that runs on Windows, Linux and Mac OS X. That's not the really cool part though. What makes TrueCrypt so insanely cool is that it provides automatic, real time encryption that is totally transparent to the user! It takes a bit of tech savvy to create a TrueCrypt volume, but once that is done, the user only needs to know how to mount a TrueCrypt volume (file) and enter a password.

The documentation is complete and easy to follow, so I won't go into the details here. But the 60 -second overview is that the data is encrypted and decrypted automatically when files on the TrueCrypt volume are accessed. The data on an encrypted volume cannot be read without loading (mounting) the volume in TrueCrypt with the proper password. Once the volume has been mounted, it appears as either a removable disk drive or a standard hard drive (you decide when mounting the volume) and files can be copied, to and from just as any other disk drive on the system.

Even though all this encryption and decryption happens on the fly in memory , there are no extra RAM requirements because only the portion of the file needed at the time is decrypted.

From the Website:

"Let's suppose that there is an .avi video file stored on a TrueCrypt volume (therefore, the video file is entirely encrypted). The user provides the correct password (and/or keyfile) and mounts (opens) the TrueCrypt volume. When the user double clicks the icon of the video file, the operating system launches the application associated with the file type - typically a media player. The media player then begins loading a small initial portion of the video file from the TrueCrypt-encrypted volume to RAM (memory) in order to play it. While the portion is being loaded, TrueCrypt is automatically decrypting it (in RAM). The decrypted portion of the video (stored in RAM) is then played by the media player. While this portion is being played, the media player begins loading next small portion of the video file from the TrueCrypt-encrypted volume to RAM (memory) and the process repeats. This process is called on-the-fly encryption/decryption and it works for all file types, not only for video files."

Features

That's the basic idea, but there are a ton of other features for users who want to get more advanced.

Here's a list of some of the features from the TrueCrypt Website:

Creates a virtual encrypted disk within a file and mounts it as a real disk.

Encrypts an entire partition or storage device such as USB flash drive or hard drive.

Encrypts a partition or drive where Windows is installed (pre-boot authentication).

Encryption is automatic, real-time (on-the-fly) and transparent.

Provides two levels of plausible deniability, in case an adversary forces you to reveal the password:

Hidden volume (steganography - read more about that here ).

No TrueCrypt volume can be identified (volumes cannot be distinguished from random data).

Truecrypt tutorial

There's also no file type to associate, so you can name your TrueCrypt volume as anything! This is pretty cool, because you can name the TrueCrypt volume that stores your financial data something innocuous like "ABBA dancing queen.avi", thus ensuring that NOBODY will even think of examining that file. Of course, naming it something with ABBA might push someone to delete it, and that would be undesirable. But the point here is that you can hide your TrueCrypt volume out in the open and no one will even suspect it contains your most private data.